Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-9400

NPE in LDAP module if "hasNext" throws an ErrorResultIOException

    Details

    • Support Ticket IDs:

      Description

      If the function

          @Override
          public boolean hasNext() throws ErrorResultIOException {
              // Poll for the next response if needed.
              final Response r = getNextResponse();
              if (!(r instanceof Result)) {
                  // Entry or reference.
                  return true;
              }
      
              // Final result.
              final Result result = (Result) r;
              if (result.isSuccess()) {
                  return false;
              }
      
              throw new ErrorResultIOException(newErrorResult(result));
          }
      

      throw the ErrorResultIOException, then OpenAM throws the NPE.

      Expected result:

      A correct error handling and a generic authentication failure for the user.

      Current result:

      As the error is not handled correctly, the flow is instantly stopped. The user will get a 500.

      NPE:

      java.lang.NullPointerException
      	at com.sun.identity.authentication.modules.ldap.LDAP.process(LDAP.java:453)
      	at com.sun.identity.authentication.spi.AMLoginModule.wrapProcess(AMLoginModule.java:1035)
      	at com.sun.identity.authentication.spi.AMLoginModule.login(AMLoginModule.java:1209)
      	at sun.reflect.GeneratedMethodAccessor68.invoke(Unknown Source)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at com.sun.identity.authentication.jaas.LoginContext.invoke(LoginContext.java:210)
      	at com.sun.identity.authentication.jaas.LoginContext.login(LoginContext.java:123)
      	at com.sun.identity.authentication.service.AMLoginContext.runLogin(AMLoginContext.java:558)
      	at com.sun.identity.authentication.server.AuthContextLocal.submitRequirements(AuthContextLocal.java:699)
      	at com.sun.identity.authentication.UI.LoginViewBean.processLoginDisplay(LoginViewBean.java:1367)
      	at com.sun.identity.authentication.UI.LoginViewBean.processLogin(LoginViewBean.java:854)
      	at com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:522)
      	at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:981)
      	at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
      	at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:473)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at org.forgerock.openam.xui.XUIFilter.doFilter(XUIFilter.java:131)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:98)
      	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
      	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
      	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
      	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
      	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
      	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
      	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
      	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
      	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
      	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:528)
      	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1099)
      	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:672)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1520)
      	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1476)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
      	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
      	at java.lang.Thread.run(Thread.java:745)
      

      How to reproduced?

      I was in debug mode, forcing returned values of function and changing variables value... That's not something I can describe there unfortunately

        Attachments

          Activity

            People

            • Assignee:
              quentin.castel Quentin CASTEL [X] (Inactive)
              Reporter:
              quentin.castel Quentin CASTEL [X] (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: